In Linux or Unix systems, UMASK (User Mask) is crucial for setting default permissions when new files or directories are created. It influences multiple Linux commands like
mkdir,
touch, and
tee, playing a role in every new file or directory creation.
File Permissions Explained:
To understand UMASK fully, let’s first explore file permissions. Linux is lauded for its security, with every file or directory associated with specific permissions and ownerships, categorized into three user classes:
- User: The owner of the file, typically the creator unless altered.
- Group: A collection of users who have specific permissions.
- Other: All other users not included in the owner or group categories.
Each class has three types of file access:
- r – Read permission: Allows reading the file content.
- w – Write permission: Allows modifying the file content.
- x – Execute permission: Allows executing the file as a program.
Viewing Permissions – Symbolic Mode:
To view file permissions, use the ls -l command. Here’s an illustration:
The first character denotes the file type. Linux recognizes different types:
| – | Regular file |
| d | Directory |
| l | Symbolic link |
| c | Character device file |
| b | Block device file |
The following nine symbols indicate permissions, divided into three sets:
| rwx | The owner has full read, write, and execute permissions. |
| r-x | Group members can read and execute, but not write. |
| r-x | Other users can read and execute, but not write. |
Viewing Permissions – Numeric Mode:
Permissions can also be represented in numeric mode:
| 0 | — | No permissions |
| 1 | –x | Execute only |
| 2 | -w- | Write only |
| 3 | -wx | Write and execute |
| 4 | r– | Read only |
| 5 | r-x | Read and execute |
| 6 | rw- | Read and write |
| 7 | rwx | Read, write, and execute |
For example, permissions rwxr-xr-x translate to numeric 755.
Understanding UMASK:
Create a file and directory:
$ touch testfile
$ mkdir testdirCheck permissions:
$ ls -l
Output:
drwxr-xr-x 2 niteshb users 4096 Mar 21 22:43 testdir
-rw-r--r-- 1 niteshb users 0 Mar 21 22:43 testfileNotice the default permissions set due to UMASK. The default permissions for a file are 666, and 777 for a directory. The UMASK is a subtractive value.
To view UMASK, use:
$ umask
Output:
0022Change UMASK temporarily using:
$ umask 0044Permissions Calculation:
Calculate permissions by subtracting UMASK from the default:
- Files: 666 – 022 = 644
- Directories: 777 – 022 = 755
View UMASK in symbolic form:
$ umask
Output:
u=rwx,g=rx,o=rxSetting UMASK:
To set a permanent UMASK, edit
/etc/profile,
~/.profile,
~/.bashrc, or
~/.zshrc. Ensure it does not reduce security (e.g., umask 000 grants full permissions to everyone).
To give newly created files 640 and directories 750 permissions, set:
Umask value: 777-750 = 027Edit /etc/profile with:
umask 0027Refresh with:
$ source /etc/profileCreate new files and check with:
$ mkdir newtestdir
$ touch newtestfile
For verification:
$ ls -l
Output:
drwxr-xr-- 2 niteshb users 4096 Mar 21 22:43 newtestdir
-rw-r----- 1 niteshb users 0 Mar 21 22:43 newtestfileAlternatively, use symbolic notation:
umask u=rwx,g=rx,o=Conclusion:
This guide explained Linux permissions and UMASK’s role in setting permissions for newly created files and directories. For detailed information, type:
$ man umaskFrequently Asked Questions (FAQ):
What is the default UMASK value on Linux?
On most Linux systems, the default UMASK value is 022, which subtracts from default permissions of 666 for files and 777 for directories, resulting in 644 and 755 respectively.
How does UMASK affect permissions?
UMASK is a subtractive mask that determines the default permissions when a new file or directory is created. For instance, a UMASK of 022 will remove write permission for groups and others.
Can I have different UMASK values for files and directories?
No, UMASK is applied uniformly. It affects both files and directories based on the subtractive rule but how each interprets those permissions are different by nature. Example: Directories need execute permission for navigation.
How can I make UMASK changes permanent for a specific user?
To make UMASK changes permanent for a specific user, edit their shell configuration files such as ~/.bashrc, ~/.profile, or ~/.zshrc, and add the desired umask value.